arp请求和回应
环境
pip3 install scapy
pip3 install ipython
from scapy.all import *
ls(Ether())
或者独立使用
scapy
>>>
抓包
抓取arp报文
tcpdump -ent arp
抓取2个arp包,保存到cap中,可以用wireshark打开
tcpdump -ent -c 2 arp -w test.cap
过滤网卡
tcpdump -i enp4s0 arp
arp请求
from scapy.all import *
eth =Ether(dst="ff:ff:ff:ff:ff:ff")
arp = ARP(pdst="192.168.10.99")
packet = eth / arp
desired_length = 60
current_length = len(bytes(packet))
padding_length = desired_length - current_length
# 如果需要填充,添加 Raw 层作为填充
if padding_length > 0:
padding = Raw(b'\xcd' * padding_length) # 填充cd
packet = packet / padding
packet.show()
sendp(packet)
arp应答
from scapy.all import ARP, Ether, sniff, sendp, Raw
def arp_response(packet):
if packet.haslayer(ARP) and packet[ARP].op == 1: # ARP 请求 (op=1)
packet = Ether(dst=packet[Ether].src) / ARP(op=2, psrc=packet[ARP].pdst, pdst=packet[ARP].psrc, hwdst=packet[Ether].src)
desired_length = 60
current_length = len(bytes(packet))
padding_length = desired_length - current_length
if padding_length > 0:
padding = Raw(b'\xab' * padding_length)
packet = packet / padding
packet.show()
sendp(packet)
sniff(filter="arp", prn=arp_response, store=0)